The personal data of White House staffers and lawmakers of the US House of Representatives has been exposed on the dark web following a “significant data breach” at a health insurance marketplace, according to multiple US media.
DC Health Link, administered by the District of Columbia’s Health Benefit Exchange Authority, reported the data breach. The FBI reported that some of the information in the leak had been made available for purchase – and was in fact sold – following posts on the dark web Monday and Tuesday respectively.
House Chief Administrative Officer Catherine L. Szpindor informed recipients of the breach in an internal memo in which DC Health Link members were advised to freeze their credit.
“We can confirm that data for some DC Health Link customers has been exposed on a public forum,” DC Health Link said in a statement to CBS News. “We have initiated a comprehensive investigation and are working with forensic investigators and law enforcement.
“We are in the process of notifying impacted customers and will provide identity and credit monitoring services. In addition, and out of an abundance of caution, we will also provide credit monitoring services for all of our customers,” the statement continued.
An additional letter was sent by House Speaker Kevin McCarthy and House Minority Leader Hakeem Jeffries to DC Health Benefit Exchange Authority director Mila Kofman, saying they had been informed by the FBI that stolen user data made available for purchase on the dark web included “names of spouses, dependent children, their social security numbers and home addresses.
“This breach significantly increases the risk that Members, staff, and their families will experience identity theft, financial crimes, and physical threats — already an ongoing concern,” the two House leaders pointed out.
The FBI promised more information when it becomes available.
